Mercurial Mercurial > py_tasks_melange / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
app/soc/views/helper/access.py
changeset 1068 8a06ebff014e
parent 1066 b22750a2b04a
child 1073 feea88d0e1d8 
--- a/app/soc/views/helper/access.py	Thu Jan 29 18:13:21 2009 +0000
+++ b/app/soc/views/helper/access.py	Thu Jan 29 18:18:20 2009 +0000
@@ -795,14 +795,20 @@
   @denySidebar
   def checkIsAllowedToManageRole(self, django_args, role_logic, manage_role_logic):
     """Returns an alternate HTTP response if the user is not allowed to manage
-       the role given in args.
+       the role given in args. 
+
+     Args:
+       role_logic: determines the logic for the role in args.
+       manage_role_logic: determines the logic for the role which is allowed 
+           to manage this role.
 
      Raises:
        AccessViolationResponse: if the required authorization is not met
 
     Returns:
-      None if the current User has an active role for the given role_logic.
-      None if the current User has an active managing role
+      None if the given role is active and belongs to the current user.
+      None if the current User has an active role (from manage_role_logic) 
+           that belongs to the same scope as the role that needs to be managed
     """
 
     try:
py_tasks_melange